package com.css.ztb.web.user;

import com.css.ztb.domain.AjaxResult;
import com.css.ztb.util.ShiroUtils;
import com.css.ztb.util.StringUtils;
import com.google.code.kaptcha.Constants;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author shipeilei
 * @date 2020-6-25 17:11:19
 * @desc desc
 */
@Controller
public class LoginController {

    @GetMapping("/login")
    public String login(HttpServletRequest request, HttpServletResponse response) {
        return "login";
    }

    @PostMapping("/login")
    @ResponseBody
    public AjaxResult ajaxLogin(String username, String password, String validateCode, Boolean rememberMe) {
        UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe);
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(token);
            if (!validateResponse(validateCode)) {
                return AjaxResult.error("验证码错误");
            }
            return AjaxResult.success();
        } catch (AuthenticationException e) {
            String msg = "用户或密码错误";
            if (StringUtils.isNotEmpty(e.getMessage())) {
                msg = e.getMessage();
            }
            return AjaxResult.error(msg);
        }
    }

    public boolean validateResponse(String validateCode) {
        Object code = ShiroUtils.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
        if (StringUtils.isNull(validateCode) || StringUtils.isNull(code) || !validateCode.equals(code))
        {
            return false;
        }
        return true;
    }
}
